method

sanitize_limit

v7.2.3 - Show latest stable - Class: ActiveRecord::ConnectionAdapters::DatabaseStatements

sanitize_limit(limit)

public

Sanitizes the given LIMIT parameter in order to prevent SQL injection.

The limit may be anything that can evaluate to a string via #to_s. It should look like an integer, or an Arel SQL literal.

Returns Integer and Arel::Nodes::SqlLiteral limits as is.

# File activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb, line 495
      def sanitize_limit(limit)
        if limit.is_a?(Integer) || limit.is_a?(Arel::Nodes::SqlLiteral)
          limit
        else
          Integer(limit)
        end
      end

sanitize_limit

Related methods